package com.control;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson.JSON;
import com.dao.Hand;
import com.dao.SqlOfUser;
import com.servlet.M;
import com.servlet.M2;
import com.servlet.My;
import com.util.Url;

import hyl.core.MyFun;
import hyl.core.info.Content;
import hyl.ext.base.MySession;
import hyl.ext.web.ms.*;

/* 
* <p>
* 
* @className: UserSeviceMq
*             </p>
*             <p>
*             Description: 仅适用于事务方法和长时请求方法
*             </p>
* 
* @author: zoudyaou qq:37798955
* @date: 2018年11月20日 上午11:26:00
* @copyright: 2018 zoudayou Inc. All rights reserved.
*             注意：代码版权归邹达有所有，任何人未经授权不得私自用于商业目的
*/
@Controller("SsoControl")
public class SsoAControl {
	TMsA _ma;

	public SsoAControl() {
		_ma = TMsA.getInstance();
	}

	/**
	 * 有openid sso授权登录
	 * 
	 * @appid openid tokenid
	 */
	@RequestMapping("/l/sologin")
	@ResponseBody
	public String sologin(HttpServletRequest request, @RequestParam Map<String, String> r) {
		MySession tk = My.getSession(request);
		// HttpServletRequest req, HttpServletResponse res,
		// CacheQueueString cache =
		// CacheQueueString.getInstance("cache4","testqueueString");
		String url = request.getHeader("Referer");
		boolean flag = Hand.url_比对(r.get("appid"), Url.get_top_domain(url));
		if (!flag) {
			tk.msg.setCode(M2.无效域名, "{\"msg\":\"ERROR\"}");
			return JSON.toJSONString(tk.msg.get());// 错误的域名访问
		}
		if (!tk.getTokenId().equals(r.get("tokenid"))) {
			tk.msg.setCode(M2.无效token, "{\"msg\":\"ERROR\"}");
			return JSON.toJSONString(tk.msg.get());
		}
		String appid = r.get("appid");
		String openid = r.get("openid");
		if (tk.getUserId() == null) {// 没有token表示无权限 ,返回登录页面
			return checkLogin(tk, appid, openid).toJsonString();
		} else {// 会话存在
			tk.msg.setCode(1, M.MSG_登录成功);
			tk.start();
			return tk.msg.toJsonString();
		}
	}

	public Content checkLogin(MySession tk, String appid, String openid) {
		if (MyFun.isEmpty(appid) || MyFun.isEmpty(openid)) {
			tk.msg.setCode(M2.密钥错误, M.MSG_appid或openid);
			return tk.msg;
		}
		Map<String, Object> user = SqlOfUser.slogin(appid, openid);
		if (user.isEmpty()) {// 用户名密码错误
			tk.msg.setCode(M2.密钥错误, M.MSG_appid或openid);
			return tk.msg;
		} else {// 验证通过，完善token

			SqlOfUser.instance().setLoginSession(tk, user);
			return tk.msg;
		}
	}

	/**
	 * 获得tokenid
	 * 
	 * @appid app的appid
	 */
	@RequestMapping("/ex/gtokenid")
	@ResponseBody
	public String gtoken(HttpServletRequest request, @RequestParam String appid) {
		MySession tk = My.getSession(request);
		String url = request.getHeader("Referer");
		boolean flag = Hand.url_比对(appid, Url.get_top_domain(url));
		if (!flag) {
			tk.msg.setCode(M2.无效域名, "{\"tokenid\":\"null\"}");
			return JSON.toJSONString(tk.msg.get());// 错误的域名访问
		}
		/*
		 * if(!MyFun.isEmpty(tk.getTokenId())&&(MyFun.getMs()-tk.getLastStamp()<M2.失效时间)
		 * ) { System.out.println("没有失效");
		 * System.out.println(JSON.toJSONString(tk.tag)); tk.msg.setCode(0,
		 * "{\"tokenid\":\""+tk.getTokenId()+"\"}"); return
		 * JSON.toJSONString(tk.msg.get());//错误的域名访问 }
		 */
		tk.msg.setCode(0, "{\"tokenid\":\"" + tk.getTokenId() + "\"}");
		return JSON.toJSONString(tk.msg.get());
	}

	/**
	 * 在sso注册
	 * 
	 * @R 多参数 appid,tokenid,uphone,upass,ualias,sex 可能有短信验证码
	 */
	@RequestMapping("/ex/reguser")
	@ResponseBody
	public String reguser(HttpServletRequest request, @RequestParam Map<String, String> R) {
		String url = request.getHeader("Referer");
		boolean flag = Hand.url_比对(R.get("appid"), Url.get_top_domain(url));
		MySession tk = My.getSession(request);
		if (!flag) {
			tk.msg.setCode(M2.无效域名, "{\"openid\":\"null\"}");
			return JSON.toJSONString(tk.msg.get());
		}
		if (!tk.getTokenId().equals(R.get("tokenid"))) {
			tk.msg.setCode(M2.无效token, "{\"openid\":\"null\"}");
			return JSON.toJSONString(tk.msg.get());
		}
		String openid = SqlOfUser.add_User(R);
		if (openid.equals("repeat")) {
			tk.msg.setCode(M2.手机重复, "{\"openid\":\"null\"}");
		} else {
			tk.msg.setCode(0, "{\"openid\":\"" + openid + "\"}");
		}
		return JSON.toJSONString(tk.msg.get());
	}

	/**
	 * 在sso注册
	 * 
	 * @R 多参数 tokenid,uphone,upass,ualias,sex 没有appid 可能有短信验证码
	 */
	@RequestMapping("/ex/reguser2")
	@ResponseBody
	public String reguser2(HttpServletRequest request, @RequestParam Map<String, String> R) {
		/*
		 * StringBuffer url = request.getRequestURL(); boolean flag =
		 * Hand.url_比对(R.get("appid"), Url.get_top_domain(url.toString())); if(!flag)
		 * return "error";//错误的域名访问
		 */
		MySession tk = My.getSession(request);
		if (!tk.getTokenId().equals(R.get("tokenid"))) {
			tk.msg.setCode(M2.无效token, "{\"openid\":\"null\"}");
			return JSON.toJSONString(tk.msg.get());
		}
		String openid = SqlOfUser.add_User(R);
		tk.msg.setCode(0, "{\"openid\":\"" + openid + "\"}");
		return JSON.toJSONString(tk.msg.get());
	}

	/**
	 * 绑定第三方appid，获得openid
	 * 
	 * @R 多参数 tokenid,uphone,upass,appid
	 */
	@RequestMapping("/ex/bindapp")
	@ResponseBody
	public String bind_appid_openid(HttpServletRequest request, @RequestParam Map<String, String> R) {
		String url = request.getHeader("Referer");
		boolean flag = Hand.url_比对(R.get("appid"), Url.get_top_domain(url));
		MySession tk = My.getSession(request);
		if (!flag) {
			tk.msg.setCode(M2.无效域名, "{\"openid\":\"null\"}");
			return JSON.toJSONString(tk.msg.get());
		}

		if (!tk.getTokenId().equals(R.get("tokenid"))) {
			tk.msg.setCode(M2.无效token, "{\"openid\":\"null\"}");
			return JSON.toJSONString(tk.msg.get());
		}
		String openid = SqlOfUser.bind_app(R);
		tk.msg.setCode(0, "{\"openid\":\"" + openid + "\"}");
		return JSON.toJSONString(tk.msg.get());
	}

}
